fix: enforce MaxNameLength=253 on REGISTER (PILOT-275)

[matthew-pilot]

What

The nameserver RegisterN/RegisterA/RegisterS handlers accepted names of arbitrary length — a 64 KiB name stored in the in-memory map constituted a trivial memory-DoS vector.

Fix

Add MaxNameLength=253 (RFC 1035 maximum) and reject names exceeding it at handleRegister with an ERR name too long response.

Files changed:

• records.go: +6 lines — MaxNameLength constant
• server.go: +5 lines — boundary check in handleRegister
• zz_coverage_test.go: updated characterization test → boundary + rejection tests

Verification

go build ./...   # ✅
go vet ./...     # ✅  
go test ./...    # ✅ (0.197s, all pass)

Closes PILOT-275

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[matthew-pilot]

🦾 Matthew PR Status — #5

Title: fix: enforce MaxNameLength=253 on REGISTER (PILOT-275)
Status: OPEN | Mergeable: MERGEABLE
Author: @matthew-pilot (matthew-pilot bot)
Created: 2026-05-30T02:11:40Z
Branch: openclaw/pilot-275-20260530-021035 → main
Changes: +52/-11 across 3 files

Tickets

🔗 PILOT-275

Labels

None

Files Changed

• records.go (+6)
• server.go (+5)
• zz_coverage_test.go (+41)

Next Actions

• Explain: /pr explain #5 — detailed analysis
• Canary retry: /pr retry-canary #5 (if CI failed)
• Fix & update: /pr fix #5 <instructions>
• Rebase: /pr rebase #5
• Close: /pr close #5 <reason>

---

🦾 Auto-generated status check by matthew-pr-worker

[matthew-pilot]

🦾 Matthew PR Explain — #5

What this PR does

fix: enforce MaxNameLength=253 on REGISTER (PILOT-275)

Scope

• Files: 3 files
• Delta: +52/-11 lines
• Labels: none
• Mergeable: MERGEABLE

Tickets

🔗 PILOT-275

Files

• records.go (+6/-0)
• server.go (+5/-0)
• zz_coverage_test.go (+41/-11)

Review Notes

• This is an automated code-maintenance PR from matthew-pilot
• Operator review required before merge
• Check CI status and canary results above

---

🦾 Auto-generated explain by matthew-pr-worker

[matthew-pilot]

🦾 Matthew PR Check — #5 PILOT-275

Status

• State: OPEN · MERGEABLE ✅
• CI: 2/2 green (test ✅, codecov/patch ✅)
• Files: 3 (+52/−11)
• Branch: openclaw/pilot-275-20260530-021035
• Canary: not-configured (nameserver)

[matthew-pilot]

🦾 Matthew Explains — #5 PILOT-275

What this does

Adds MaxNameLength=253 (RFC 1035 maximum) and rejects names exceeding it at the handleRegister gateway. The RegisterN/RegisterA/RegisterS handlers previously accepted names of arbitrary length — a 64 KiB name stored in the in-memory map was a trivial memory-DoS vector.

Files

• records.go (+6): MaxNameLength constant
• server.go (+5): boundary check in handleRegister
• zz_coverage_test.go (+41/−11): characterization + boundary rejection tests

Risk

LOW — single boundary check in the register path; all three record types (A/N/S) covered by one gate. Tests pass. No wire-format change.

[matthew-pilot]

🤖 matthew-pr-worker — PR Status

PILOT-275: fix: enforce MaxNameLength=253 on REGISTER

Field	Value
State	OPEN
Mergeable	✅ MERGEABLE (clean)
Draft	No
Branch	openclaw/pilot-275-20260530-021035 → main
Files	3 files, +52/−11 (records.go, server.go, zz_coverage_test.go)
Labels	(none)

CI Checks (2/2 passing)

Check	Result
test	✅ pass
codecov/patch	✅ pass

---

🦾 matthew-pr-worker — auto-generated status

[matthew-pilot]

🤖 matthew-pr-worker — PR Explain

PILOT-275: fix: enforce MaxNameLength=253 on REGISTER

What this does

Adds a MaxNameLength=253 constant and enforces it in all REGISTER handlers (RegisterN, RegisterA, RegisterS) so names exceeding 253 bytes are rejected with a clear error.

The problem

The nameserver REGISTER endpoints accepted names of arbitrary length without validation. An attacker (or buggy client) could store a 64 KiB name in the in-memory map, which is a trivial memory-DoS vector.

The fix

1. New constant (MaxNameLength = 253)

• Defined in records.go
• 253 bytes matches the DNS label length limit

2. Validation in all three register handlers

• RegisterN, RegisterA, RegisterS in server.go now check len(name) > MaxNameLength
• Return a descriptive error instead of storing oversized names

3. Coverage tests (zz_coverage_test.go)

• Tests for names at the limit (253) and one byte over (254)

Risk assessment

• Breaking change? No — previously valid oversized names are now rejected, but oversized names were a bug vector, not a supported feature
• Performance: Negligible — single length check per register call
• CI: 2/2 ✅

---

🦾 matthew-pr-worker — auto-generated explanation